OK - we touched on this earlier but want to see if I can actually make
it work. What I want to do is use ratelimit to limit IP addresses so
that if I get several invalid users (dictionary attack) that the IP
address of the attacker get a defer until some time passes. I'm thinking
that one bad recitient gets you defered for 10 minutes.
So what I need apparently is a pair of acls and trying to understand how
it works. The first ACL will need to read the rate into an ACL variable
without adding to the total. I guess if I had a condition in the acl
that forced it to be false then the count wouldn't increase? But if it's
false, can I set the variable?
Just wondering if anyone has a working model based on this idea?